Lucene search

K
AppleSafari4.0.3

176 matches found

CVE
CVE
added 2010/09/10 7:0 p.m.160 views

CVE-2010-1807

WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related...

9.3CVSS8.9AI score0.80553EPSS
CVE
CVE
added 2012/11/03 5:55 p.m.154 views

CVE-2012-3748

Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays.

5.1CVSS7.5AI score0.30417EPSS
CVE
CVE
added 2011/12/07 7:55 p.m.128 views

CVE-2010-5070

The JavaScript implementation in Apple Safari 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method, a different vulnerability than ...

5CVSS5.3AI score0.00732EPSS
CVE
CVE
added 2012/07/25 8:55 p.m.117 views

CVE-2012-1520

WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

9.3CVSS7.8AI score0.0271EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.73 views

CVE-2010-1419

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close...

9.3CVSS9.1AI score0.10048EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.69 views

CVE-2010-1395

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issu...

4.3CVSS7AI score0.01195EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.68 views

CVE-2011-3243

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows.

4.3CVSS5AI score0.00521EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.65 views

CVE-2010-0544

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL.

4.3CVSS5.2AI score0.00763EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.63 views

CVE-2010-1750

Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.

9.3CVSS7.6AI score0.05719EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.63 views

CVE-2010-1792

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression.

9.3CVSS9.2AI score0.06539EPSS
CVE
CVE
added 2009/09/21 7:30 p.m.62 views

CVE-2009-3272

Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.

5CVSS8.2AI score0.0444EPSS
CVE
CVE
added 2010/03/15 1:28 p.m.62 views

CVE-2010-0046

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.

9.3CVSS8.9AI score0.09029EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.62 views

CVE-2010-1783

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory co...

9.3CVSS9.2AI score0.04924EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.62 views

CVE-2010-1784

The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...

9.3CVSS9.2AI score0.04924EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.61 views

CVE-2010-1401

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vec...

9.3CVSS9AI score0.10956EPSS
CVE
CVE
added 2010/03/15 2:15 p.m.60 views

CVE-2010-0051

WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

4.3CVSS7.3AI score0.02404EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.60 views

CVE-2010-1393

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL.

4.3CVSS8.3AI score0.01392EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.60 views

CVE-2010-2264

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages ...

4.3CVSS7.4AI score0.00732EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.59 views

CVE-2010-1414

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method.

9.3CVSS9.1AI score0.13965EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.59 views

CVE-2010-1782

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering...

9.3CVSS9.3AI score0.06539EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.58 views

CVE-2010-1119

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database...

10CVSS8.6AI score0.28439EPSS
CVE
CVE
added 2010/03/15 1:28 p.m.57 views

CVE-2010-0040

Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.

9.3CVSS8.8AI score0.19782EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.57 views

CVE-2010-1390

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper UTF-7 canonicalization, and lack of termination of...

4.3CVSS7.1AI score0.01195EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.57 views

CVE-2010-1749

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) ru...

9.3CVSS8.6AI score0.12597EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.57 views

CVE-2010-1771

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving fonts.

9.3CVSS8.7AI score0.08537EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.57 views

CVE-2010-1785

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote atta...

9.3CVSS9.1AI score0.07555EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.57 views

CVE-2010-1786

Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a foreignObject elemen...

9.3CVSS9.1AI score0.06495EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.56 views

CVE-2010-1396

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and r...

9.3CVSS8.6AI score0.07407EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.56 views

CVE-2010-1417

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content ...

9.3CVSS8.9AI score0.08544EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.56 views

CVE-2010-1759

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Node.normalize method.

9.3CVSS8.7AI score0.48797EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.56 views

CVE-2013-0961

WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960.

6.8CVSS7.5AI score0.01189EPSS
CVE
CVE
added 2010/03/15 2:15 p.m.55 views

CVE-2010-0052

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

9.3CVSS8.6AI score0.08537EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.55 views

CVE-2010-1402

Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, ...

9.3CVSS9.1AI score0.10956EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.55 views

CVE-2010-1404

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, ...

9.3CVSS9.2AI score0.12489EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.55 views

CVE-2010-1758

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects.

9.3CVSS8.7AI score0.13965EPSS
CVE
CVE
added 2012/07/25 8:55 p.m.55 views

CVE-2012-3681

WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

9.3CVSS7.8AI score0.02826EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.54 views

CVE-2010-1389

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) paste or (2) drag-and-drop operation for...

4.3CVSS7.1AI score0.01007EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.54 views

CVE-2010-1391

Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors invol...

4.3CVSS8.9AI score0.00565EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.54 views

CVE-2010-1416

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted ...

4.3CVSS7.8AI score0.01397EPSS
CVE
CVE
added 2011/03/10 8:55 p.m.54 views

CVE-2011-1344

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, r...

6.8CVSS9AI score0.03992EPSS
CVE
CVE
added 2010/03/15 1:28 p.m.53 views

CVE-2010-0048

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

9.3CVSS8.6AI score0.04724EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.53 views

CVE-2010-1397

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection re...

9.3CVSS8.7AI score0.12489EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.53 views

CVE-2010-1398

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft...

9.3CVSS8.8AI score0.09518EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.53 views

CVE-2010-1409

Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service port.

5.8CVSS8.1AI score0.00883EPSS
CVE
CVE
added 2010/06/11 6:0 p.m.53 views

CVE-2010-1415

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API ...

9.3CVSS9AI score0.34318EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.53 views

CVE-2010-1418

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC attribute composed of a javascript: sequence preced...

4.3CVSS6.8AI score0.01199EPSS
CVE
CVE
added 2010/06/11 7:30 p.m.53 views

CVE-2010-1761

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.

9.3CVSS8.6AI score0.08374EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.53 views

CVE-2010-1780

Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to ele...

9.3CVSS9.1AI score0.06495EPSS
CVE
CVE
added 2010/07/30 8:30 p.m.53 views

CVE-2010-1788

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a use element in an SVG document...

9.3CVSS9.3AI score0.06539EPSS
CVE
CVE
added 2012/07/25 8:55 p.m.53 views

CVE-2012-3626

WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

9.3CVSS7.8AI score0.02013EPSS
Total number of security vulnerabilities176